Ask your WordPress questions! Pay money and get answers fast! Comodo Trusted Site Seal
Official PayPal Seal

Website recently received a "Deceptive Site" notice from Google. I am WordPress


Website recently received a "Deceptive Site" notice from Google. I am unable to access the dashboard via wp-login.php. Thought about using FTP to upload a Malware scan plugin, but how would I activate it? What are my options?

Answers (7)


Navjot Singh answers:

Use FTP to take a backup of your themes/plugins/uploads folders and then delete all uploads, plugins and the inactive themes from your server. Also delete the wp-admin and wp-content and remaining wordpress files from the root folder except for wp-config.php and replace them with the files from a freshly downloaded wordpress install.

Also look for any suscipious file or a recently modified file which you didn't modify in the themes folder or the root wordpress folder.

After making these changes, try to log back in your site.


Arnav Joy answers:

Please check this
and this


Monit Jadhav answers:

It seems like a malware, Check for any weird looking files on FTP root remove them if possible

Comprehensive guide here

Detailed tutorial similar to what Navjot said

Wordpress Guide on hacked sites

Hardening Wordpress so as to avoid future mishaps of this kind

A word from google on how to fix this

Also check out these two links below as well

Hope this solves the issue

Let me know if the problem persists


Bob answers:

Can you share your website url?
What does google webmaster/console report says?

You can find many tutorials on youtube to cleaning wordpress files.
Here is one.

Sometime Hackers inject Scripts in database so you have to check that also.
There could be Malicious script in your theme or upload directory files so before restoring/uploading it with new wordpress files please check them also.

Many hosting provider can help you to clean infected website/files you can ask their help also.

After cleaning website you need to go to google website/google search console to let google know that website is clean now.

Don't forget to check your .htaccess file too. sometime redirect code is added there.

Avonnes comments:

google webmaster/console report --
Google Safe Browsing recently detected phishing
The following were flagged --
. . . /wp-content/themes/genesis/lib/js/menu/superfish.args.min.js?ver=2.8.0
. . . /wp-content/themes/genesis/lib/js/menu/superfish.compat.min.js?ver=2.8.0
. . . /wp-content/themes/genesis/lib/js/menu/superfish.min.js?ver=1.7.5
. . . /wp-includes/js/hoverIntent.min.js?ver=1.8.1
. . . /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
. . . /wp-includes/js/jquery/jquery.js?ver=1.12.4
. . . /wp-includes/js/wp-embed.min.js?ver=5.0.11
. . . /wp-includes/js/wp-emoji-release.min.js?ver=5.0.11


Hariprasad Vijayan answers:

Hi there,

Checkout these links



Cesar Contreras answers:

install your backup of the most current website from ftp


Francisco Javier Carazo Gil answers:

You can do a complete scan using WordFence.

I have done some times and it worked great.

Check about the result of the scan.